Hi Jérémy Is the passwordPolicy is enabled ?
Le jeu. 25 mars 2021 à 20:26, Jérémie Pilette <[email protected]> a écrit : > > The attribute and the value are good in the LDAP. > By watching the ldap.log.level=debug, I do not see something strange.. I > can see all the values with their attributes, no error messages... > Le jeudi 25 mars 2021 à 18:57:34 UTC+1, Ray Bon a écrit : > >> Jérémie, >> >> Check ldap to be sure an attribute and value exist for id_attribute for >> your user. You could also check your ldap logs to see why the value is not >> released. >> >> If cas is having difficulties connecting to ldap, you can set, >> <Property name="ldap.log.level">debug</Property> >> which is at the top of the log4j2.xml file. >> >> Ray >> >> On Thu, 2021-03-25 at 10:04 -0700, Jérémie Pilette wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> Yes I have this file. I try to do with it ok. >> >> And in my */var.lib/tomcat9/Cataline.out*, I have this line : >> [2021-03-25 18:02:39] [info] #033[33m2021-03-25 18:02:39,848 WARN >> [org.apereo.cas.services.ReturnMappedAttributeReleasePolicy] - <Could not >> find value for mapped attribute [*codeNYP*] that is based off of [ >> *id_attribute*] in the allowed attributes list. Ensure the original >> attribute [*id_attribute*] is retrieved and contains at least a single >> value. Attribute [*codeNYP*] will and can not be released without the >> presence of a value.>#033[m >> >> >> Le jeudi 25 mars 2021 à 17:55:46 UTC+1, Ray Bon a écrit : >> >> Jérémie, >> >> The cas logger bit can be added to etc/cas/config/log4j2.xml). >> >> Ray >> >> On Thu, 2021-03-25 at 09:35 -0700, Jérémie Pilette wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> Thank you for your response Ray Bon, but where I have to do that ? >> Should I uncomment these lines in a file or add these lines in a specific >> file ? >> Thank you. >> >> >> Le jeudi 25 mars 2021 à 16:46:34 UTC+1, Ray Bon a écrit : >> >> Jérémie, >> >> Try this logger to see what cas is doing with the attributes: >> >> <!-- DEBUG Found principal attributes [...] for [username] >> Attribute policy [???] allows release of [...] for >> [username] >> Final collection of attributes allowed are: [...] --> >> <AsyncLogger >> name="org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy" >> level="debug"/> >> >> The client application must be configured to call the CASv3 endpoint. >> >> Ray >> >> On Thu, 2021-03-25 at 01:56 -0700, Jérémie Pilette wrote: >> >> Notice: This message was sent from outside the University of Victoria >> email system. Please be cautious with links and sensitive information. >> >> >> >> Hi, >> I would like to use Attribute release for one application (Yparéo). >> I was usin CAS 5.1, and it was operationnal. >> >> Now with the new version 6.4, it does'nt work. >> >> I am using json file configuration : >> ****************************************************************** >> { >> "@class" : "org.apereo.cas.services.RegexRegisteredService", >> "serviceId" : "^(https|http)://URL/cas.*", >> "name" : "netYpareo", >> "id" : 10000005, >> "description" : "NetYparéo", >> "evaluationOrder" : 3, >> "accessStrategy" : >> { >> "@class" : >> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", >> "enabled" : "true", >> "ssoEnabled" : "true", >> "requireAllAttributes": "true", >> "caseInsensitive": "false" >> }, >> "attributeReleasePolicy" : >> { >> "@class" : >> "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", >> "allowedAttributes" : >> { >> "@class" : "java.util.TreeMap", >> "*id_attribute*" : "*codeNYP*" >> } >> }, >> "authorizedToReleaseCredentialPassword" : "false", >> "authorizedToReleaseProxyGrantingTicket" : "false", >> "excludeDefaultAttributes" : "false", >> "*principalIdAttribute*" : "*login_attribute*" >> } >> ****************************************************************** >> In my cas.properties : >> cas.authn.authentication-attribute-release-enabled=*true* >> cas.authn.ldap[0].principal-attribute-list=*id_attribute* >> >> Maybe I forget something ? >> >> One other question : How could we know which protocol is used to do that ? >> The application accept CASv3, so I want to use CASv3, not SAML or other >> .... >> >> Thank you >> >> -- >> >> >> Ray Bon >> Programmer Analyst >> Development Services, University Systems >> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >> >> I respectfully acknowledge that my place of work is located within the >> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >> WSÁNEĆ Nations. >> >> -- >> >> >> Ray Bon >> Programmer Analyst >> Development Services, University Systems >> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >> >> I respectfully acknowledge that my place of work is located within the >> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >> WSÁNEĆ Nations. >> >> -- >> >> Ray Bon >> Programmer Analyst >> Development Services, University Systems >> 2507218831 <(250)%20721-8831> | CLE 019 | [email protected] >> >> I respectfully acknowledge that my place of work is located within the >> ancestral, traditional and unceded territory of the Songhees, Esquimalt and >> WSÁNEĆ Nations. >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/f0401584-5fa0-44b2-b400-829704856ccbn%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f0401584-5fa0-44b2-b400-829704856ccbn%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BM02YuYUr7S3En1AqH%3D9DbjhNFcTcdhtmmvPdnekB%2B__sOA3g%40mail.gmail.com.
